“We all make mistakes” — That is one of my mantras as a developer. While this is not an excuse for making mistakes, what it can be is an opportunity to grow as a developer.

Unfortunately, one of those mistakes is accidentally committing files to a code repository. This usually takes one of two forms: committing secrets, and/or committing large files. Secrets matter to you and to the organization you work for: a leaked third-party API key can translate into monetary cost, and a leaked database password can impact the integrity of your organization.

As a developer, I have been on both sides of the fence — having unintentionally added the wrong content, and also as part of the “cleanup” squad. **However, whenever I was performing this “cleanup”, the instructions I found were usually just part of the entire solution.** As such, I would like to share what you can do to completely scrub this content from your GitHub repository or other git version control systems.

Let’s get started!


Introduction: Understanding the desired outcome

To sum it up, the final outcome is to ensure that the offending files are removed from both the local and remote origins of your target repository.

To do this, we first need to understand, visually, what to remove. Let’s start with the “remote” content.

Example of a commit on GitHub, and the URL with the commit hash

In the above, you can see that we have a commit directly referenced from our remote repository, GitHub. If you look closer, you can see that in the address bar, the commit hash is directly referenced within the URL.

What we can extrapolate from this, is that as long as we know the commit hash, getting to the referenced commit on a remote repository like GitHub is a simple task. This applies to every single commit, regardless of whether it exists in a branch or not (And yes, outright deleting your branch on local or remote DOES NOT HELP. It might make it even harder to track the commits with the offending file to remove).

Running git show ca110ab… on console for a local repository

Next, we need to look at removing the commits from your local repositories. This applies to every single machine that has synced with your remote repository since the offending files were first added. (Again, branch deletion will not remove the commit(s).) Running git show *commit-hash* will show the changeset of that commit, similar to what we can see at the URL we want to remove.
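To see the point about branch deletion concretely, here is an added example (not code from the original post) that commits a fake secret on a branch in a throwaway repository, deletes the branch, and checks whether the commit is still stored and still shown by hash. The function names `audit_commit` and `demo_branch_delete`, the file name and the key value are all constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. All names and data here are constructed for illustration.

# audit_commit REPO HASH: is the commit object still stored in this clone,
# and how many branches/tags still contain it?
audit_commit() {
    repo=$1; hash=$2
    if git -C "$repo" cat-file -e "${hash}^{commit}" 2>/dev/null; then
        refs=$(git -C "$repo" for-each-ref --contains "$hash" \
                 --format='%(refname)' | wc -l | tr -d ' ')
        echo "present=yes refs=$refs"
    else
        echo "present=no refs=0"
    fi
}

# demo_branch_delete: commit a fake secret on a branch in a throwaway repo,
# delete the branch, and audit the commit before and after.
demo_branch_delete() {
    repo=$(mktemp -d)
    g() { git -C "$repo" -c commit.gpgsign=false "$@"; }
    g init -q
    g config user.email "demo@example.invalid"
    g config user.name "Demo"
    echo "hello" > "$repo/README"
    g add README && g commit -q -m "initial"
    base=$(g rev-parse --abbrev-ref HEAD)
    g checkout -q -b oops
    echo "API_KEY=EXAMPLE-NOT-A-REAL-KEY" > "$repo/settings.conf"  # constructed
    g add settings.conf && g commit -q -m "add config"
    bad=$(g rev-parse HEAD)
    before=$(audit_commit "$repo" "$bad")
    g checkout -q "$base"
    g branch -q -D oops
    after=$(audit_commit "$repo" "$bad")
    # git show by hash still prints the diff containing the secret
    leaked=$(g show "$bad" | grep -c 'EXAMPLE-NOT-A-REAL-KEY')
    rm -rf "$repo"
    echo "before:$before after:$after secret_lines=$leaked"
}

demo_branch_delete
# → before:present=yes refs=1 after:present=yes refs=0 secret_lines=1
```

`audit_commit` can be pointed at any clone that synced the offending commit: `present=yes` with `refs=0` means no branch or tag points at the commit, yet it is still stored and retrievable by hash.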


“It’s a trap!” — Committing Bad Stuff to GitHub, and fixing the mistake